[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: starting out with openldap.

man, 19.01.2004 kl. 04.19 skrev Jim Greene:

>     I tried this last week but recieved no responses. I would really like to
> get a pointer in the correct direction. Thanks
> openldap 2.2.4
> redhat AS 3.0

Good, you've chucked the original Openldap 2.0.27 off your AS 3. So have
I, with RHEL 3. You've presumably compiled your own 2.2.4. So have I ;)


> adding new entry "domainName=testme.net,ou=isp,dc=domain,dc=net"
> ldapadd: update failed: domainName=testme.net,ou=isp,dc=domain,dc=net
> ldap_add: Invalid DN syntax (34)
>         additional info: invalid DN
> Any clues as th why I am getting this error, and how I go about fixing it.

The schema that is the cause of this barf is not a standard Openldap
schema. I don't have it, for example, so I can't check it.

If you had previously been running 2.0.27 and could use this schema,
that's probably because 2.0.27 was either lax in schema checking, or
doesn't implement it at all. In contrast, 2.2.4 is very strct in
checking that schemas adhere to the IETF rules. One set of rules defines
SYNTAX. To see what SYNTAX is, go to your schema directory an less, for
example, cosine.schema; look for SYNTAX. Your ISP schema is using an
invalid code.

To get around this, you can do one of 2 things:

1: Fix the code, so that it is correct. In your 2.2.4 source code tree,
you'll find doc/rfc. In that directory, read rfc1274 and rfc2256.
That'll take you a while.

2: In the meantime, to get Openldap 2.2.4 to accept that schema, in
slapd.conf put "schemacheck off" in slapd.conf. This is generally "a bad

Lastly, get and compile GQ 1.0b1 by jumping from www.biot.com, It's a
GUI for LDAP (not just Openldap) that'll teach you a lot.


mail: billy - at - billy.demon.nl